package fun.werfamily.wf.gateway.config;//package fun.werfamily.gateway.config;
//
//import lombok.extern.slf4j.Slf4j;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpHeaders;
//import org.springframework.http.HttpMethod;
//import org.springframework.http.HttpStatus;
//import org.springframework.http.server.reactive.ServerHttpRequest;
//import org.springframework.http.server.reactive.ServerHttpResponse;
//import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
//import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.web.server.SecurityWebFilterChain;
//import org.springframework.web.cors.reactive.CorsUtils;
//import org.springframework.web.server.ServerWebExchange;
//import org.springframework.web.server.WebFilter;
//import org.springframework.web.server.WebFilterChain;
//import reactor.core.publisher.Mono;
//
///**
// * 网关层的安全配置
// * @Author: Chris.Zeng
// * @since: 2021/8/10
// */
//@Slf4j
//@Configuration
//public class SecurityConfig {
//
//    private static final String MAX_AGE = "18000L";
//
//    /**
//     * 跨域配置
//     */
//    public WebFilter corsFilter() {
//        return (ServerWebExchange ctx, WebFilterChain chain) -> {
//            ServerHttpRequest request = ctx.getRequest();
//            log.debug("请求头：【{}】", request.getHeaders().toSingleValueMap());
//            if (CorsUtils.isCorsRequest(request)) {
//                HttpHeaders requestHeaders = request.getHeaders();
//                ServerHttpResponse response = ctx.getResponse();
//                HttpMethod requestMethod = requestHeaders.getAccessControlRequestMethod();
//                HttpHeaders headers = response.getHeaders();
//                headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, requestHeaders.getOrigin());
//                headers.addAll(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, requestHeaders.getAccessControlRequestHeaders());
//                if (requestMethod != null) {
//                    headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, requestMethod.name());
//                }
//                headers.add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
//                headers.add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, "*");
//                headers.add(HttpHeaders.ACCESS_CONTROL_MAX_AGE, MAX_AGE);
//                if (request.getMethod() == HttpMethod.OPTIONS) {
//                    response.setStatusCode(HttpStatus.OK);
//                    return Mono.empty();
//                }
//            }
//            return chain.filter(ctx);
//        };
//    }
//
//    @Bean
//    SecurityWebFilterChain webFluxSecurityFilterChain(ServerHttpSecurity http, WebfluxReactiveAuthorizationManager webfluxReactiveAuthorizationManager) throws Exception{
//
//        //认证过滤器
//        AuthenticationWebFilter authenticationWebFilter = new AuthenticationWebFilter(webfluxReactiveAuthorizationManager);
//        authenticationWebFilter.setServerAuthenticationConverter(new ServerBearerTokenAuthenticationConverter());
//
//        http
//            .httpBasic().disable()
//            .csrf().disable()
//            .authorizeExchange().pathMatchers("/*/uaa/*", "/*/open/*").permitAll()
//            .pathMatchers(HttpMethod.OPTIONS).permitAll()
//            .anyExchange().access(new AccessManager())
//            .and()
//            // 跨域过滤器
//            .addFilterAt(corsFilter(), SecurityWebFiltersOrder.CORS)
//            //oauth2认证过滤器
//            .addFilterAt(authenticationWebFilter, SecurityWebFiltersOrder.AUTHENTICATION);
//        return http.build();
//    }
//
//    @Bean
//    SecurityWebFilterChain webFluxSecurityFilterChain(ServerHttpSecurity http) throws Exception{
//        http
//                .httpBasic().disable()
//                .csrf().disable()
//                .authorizeExchange().pathMatchers("/*/login/*", "/*/open/*").permitAll()
//                .pathMatchers(HttpMethod.OPTIONS).permitAll()
//                .and()
//                // 跨域过滤器
//                .addFilterAt(corsFilter(), SecurityWebFiltersOrder.CORS);
//        return http.build();
//    }
//}
